From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Tue, 3 Jul 2018 04:46:45 +0000 From: QA Team Robot To: sisyphus-cybertalk@lists.altlinux.org Message-ID: <20180703044645.GA4448@gyle.altlinux.org> Mail-Followup-To: sisyphus-cybertalk@lists.altlinux.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Subject: [cyber] I: p8/branch packages: +8 (18101) X-BeenThere: sisyphus-cybertalk@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: devel@lists.altlinux.org List-Id: ALT Linux Sisyphus cybertalk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Jul 2018 04:46:45 -0000 Archived-At: List-Archive: 8 UPDATED packages apt-indicator - Applet for indication that newer packages are available * Wed Jun 27 2018 Sergey V Turchin 0.3.11-alt1.M80P.1 - wait after startup only if autostarted * Tue Jun 26 2018 Sergey V Turchin 0.3.10-alt1.M80P.1 - fix raise info window * Thu Jun 21 2018 Sergey V Turchin 0.3.9-alt1.M80P.1 - raise info window on second app startup if tray is already visible * Fri Dec 15 2017 Sergey V Turchin 0.3.8-alt1.M80P.1 erlang - A programming language developed by Ericsson [42M] * Fri Jun 15 2018 Aleksei Nikiforov 1:20.1.3-alt3.M80P.1 - Rebuilt with %ubt macro support, disabled parallel docs build. * Fri May 18 2018 Sergey Bolshakov 1:20.1.3-alt2 - fixed build on arm arches * Thu Oct 26 2017 Denis Medvedev 1:20.1.3-alt1 - new version * Wed Apr 05 2017 Denis Medvedev 1:19.0.7-alt2 - recompilation with updated rpm-build-erlang * Tue Sep 20 2016 Denis Medvedev 1:19.0.7-alt1 - new version * Thu Apr 07 2016 Denis Medvedev 1:18.3-alt2 Note: changelog entry for 1:19.0.7-alt0.M80P.1 not found. etcnet - /etc/net network configuration system * Sat Jun 09 2018 Andrey Bychkov 0.9.11-alt1.M80P.1 - wireguard support added * Sat Jun 09 2018 Andrey Bychkov 0.9.10-alt19.M80P.3 - vti support added * Mon Oct 02 2017 Valery Inozemtsev 0.9.10-alt18.M80P.3 firefox-esr - The Mozilla Firefox project is a redesign of Mozilla's browser [258M] * Thu Jun 28 2018 Andrey Cherepanov 60.1.0-alt0.M80P.1 - Backport new version to p8 branch. * Tue Jun 26 2018 Andrey Cherepanov 60.1.0-alt1 - New ESR version (60.1.0). - Fixed: + CVE-2018-12359 Buffer overflow using computed size of canvas element + CVE-2018-12360 Use-after-free when using focus() + CVE-2018-12361 Integer overflow in SwizzleData + CVE-2018-12362 Integer overflow in SSSE3 scaler + CVE-2018-5156 Media recorder segmentation fault when track type is changed during capture + CVE-2018-12363 Use-after-free when appending DOM nodes + CVE-2018-12364 CSRF attacks through 307 redirects and NPAPI plugins + CVE-2018-12365 Compromised IPC child process can list local filenames + CVE-2018-12371 Integer overflow in Skia library during edge builder allocation + CVE-2018-12366 Invalid data handling during QCMS transformations + CVE-2018-12367 Timing attack mitigation of PerformanceNavigationTiming + CVE-2018-12368 No warning when opening executable SettingContent-ms files + CVE-2018-12369 WebExtension security permission checks bypassed by embedded experiments + CVE-2018-5187 Memory safety bugs fixed in Firefox 60 and Firefox ESR 60.1 + CVE-2018-5188 Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 52.9 * Mon Jun 18 2018 Andrey Cherepanov 60.0.2-alt2 - Fix build for aarch64 (thanks legion@). * Mon Jun 11 2018 Andrey Cherepanov 60.0.2-alt1 - New ESR version (60.0.2). - Fixed: + CVE-2018-6126 Heap buffer overflow rasterizing paths in SVG with Skia * Tue Jun 05 2018 Andrey Cherepanov 60.0.1-alt1 - New ESR version (60.0.1). - Fixed: + CVE-2018-5154: Use-after-free with SVG animations and clip paths + CVE-2018-5155: Use-after-free with SVG animations and text paths + CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files + CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer + CVE-2018-5159: Integer overflow and out-of-bounds write in Skia + CVE-2018-5160: Uninitialized memory use by WebRTC encoder + CVE-2018-5152: WebExtensions information leak through webRequest API + CVE-2018-5153: Out-of-bounds read in mixed content websocket messages + CVE-2018-5163: Replacing cached data in JavaScript Start-up Bytecode Cache + CVE-2018-5164: CSP not applied to all multipart content sent with multipart/x-mixed-replace + CVE-2018-5166: WebExtension host permission bypass through filterReponseData + CVE-2018-5167: Improper linkification of chrome: and javascript: content in web console and JavaScript debugger + CVE-2018-5168: Lightweight themes can be installed without user interaction + CVE-2018-5169: Dragging and dropping link text onto home button can set home page to include chrome pages + CVE-2018-5172: Pasted script from clipboard can run in the Live Bookmarks page or PDF viewer + CVE-2018-5173: File name spoofing of Downloads panel with Unicode characters + CVE-2018-5174: Windows Defender SmartScreen UI runs with less secure behavior for downloaded files in Windows 10 April 2018 Update + CVE-2018-5175: Universal CSP bypass on sites using strict-dynamic in their policies + CVE-2018-5176: JSON Viewer script injection + CVE-2018-5177: Buffer overflow in XSLT during number formatting + CVE-2018-5165: Checkbox for enabling Flash protected mode is inverted in 32-bit Firefox + CVE-2018-5180: heap-use-after-free in mozilla::WebGLContext::DrawElementsInstanced + CVE-2018-5181: Local file can be displayed in noopener tab through drag and drop of hyperlink + CVE-2018-5182: Local file can be displayed from hyperlink dragged and dropped on addressbar + CVE-2018-5151: Memory safety bugs fixed in Firefox 60 + CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 * Thu May 10 2018 Andrey Cherepanov 52.8.0-alt0.M80P.1 firefox-esr-l10n - Language Pack for Firefox ESR [41M] * Wed Jun 13 2018 Andrey Cherepanov 60.0.2-alt0.M80P.1 - Backport new version to p8 branch. * Fri Jun 08 2018 Andrey Cherepanov 60.0.2-alt1 - New version. * Tue Jun 05 2018 Andrey Cherepanov 60.0.1-alt1 - New version. - Added languages: Belarusian, Interlingua, Burmese, Occitan and Urdu. * Wed May 09 2018 Andrey Cherepanov 52.8.0-alt1 rabbitmq-server - The RabbitMQ server * Fri Jun 15 2018 Aleksei Nikiforov 3.6.16-alt1.M80P.1 - Updated to upstream version 3.6.16. * Mon Nov 27 2017 Denis Medvedev 3.6.14-alt4 - added (Fixes: CVE-2016-9877). * Sun Nov 26 2017 Denis Medvedev 3.6.14-alt3 - Added needed, but unusual dependencies * Thu Nov 16 2017 Denis Medvedev 3.6.14-alt2 - recompilation with fixed rpm-build-utils * Fri Nov 10 2017 Alexey Shabalin 3.6.14-alt1 - 3.6.14 * Sun Apr 16 2017 Ivan Zakharyaschev 3.6.8-alt4 - rabbitmq-script-wrapper: optimized and made the Bash-scipting safer (tolerant to spaces in values). * Thu Apr 13 2017 Ivan Zakharyaschev 3.6.8-alt3 - rabbitmq-script-wrapper: robust quoting of args when su is used (under root). The old approach (putting quotes around the args) could not be extended correctly to the case when there were both kinds of quotation marks (' and ") in one of the original args. * Tue Mar 28 2017 Alexey Shabalin 3.6.8-alt2 - fix logrotate config * Fri Mar 17 2017 Alexey Shabalin 3.6.8-alt1 - 3.6.8 - fixed CVE-2016-9877 * Wed Sep 28 2016 Alexey Shabalin 3.6.5-alt1 - 3.6.5 * Fri Jun 10 2016 Denis Medvedev 3.5.4-alt2.2 Note: changelog entry for 3.6.5-alt0.M80P.1 not found. rpm-build-erlang - RPM helper scripts to calculate Erlang dependencies * Fri Jun 15 2018 Aleksei Nikiforov 0.7.10.1-alt2.M80P.1 - Rebuilt with %ubt macro support. * Sun Nov 26 2017 Denis Medvedev 0.7.10.1-alt1 - finding app in ez files * Sun Nov 26 2017 Denis Medvedev 0.7.10.0-alt1 - debugged version * Mon Oct 23 2017 Denis Medvedev 0.7.0.6-alt1 - fixes buggy ez files detection. * Thu Jul 28 2011 Sergey Shilov 0.7.0.3-alt1 tsung - A distributed multi-protocol load testing tool * Fri Jun 15 2018 Aleksei Nikiforov 1.7.0-alt2.M80P.1 - Rebuilt with %ubt macro support. * Tue Oct 31 2017 Denis Medvedev 1.7.0-alt1 - new version * Mon Oct 23 2017 Denis Medvedev 1.6.0-alt1.1 - Rebuild with fixed rpm-build-erlang. * Thu Apr 07 2016 Denis Medvedev 1.6.0-alt1 Total 18101 source packages.